Dear OpenSSl developers, somewhere we've read about document signature with RSASSA-PSS has been implemented, maybe in the 1.0.2 trunk.
Currently, in 1.0.1 signatures can be created and verified using PSS padding, if the checks are carried out manually. I.e. RSA_public_decrypt(... , RSA_NO_PADDING); ... RSA_verify_PKCS1_PSS_mgf1(...); reveals the correct result, but the algorithm oid is wrong if we use PKCS7_sign() and the PSS-parameters are missing. Looking into the code, this is very clear. Are PSS-signatures supported more completely in the dev trunk so it's worth to try, or shold we wait or contribute? Thanks in Advance -- Christian Weber mailto:[email protected] ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
